# Guardrails

Guardrails enforce least-privilege access at the moment of every tool call, before any data is exchanged. The page walks through the real risk: you connect Gmail and accidentally grant send, delete, and forward permissions alongside read. Civic defaults to the safest possible scope and requires explicit grants to expand. You configure guardrails in natural language through the Civic UI: restrict Gmail to read-only, lock Drive to a specific folder, limit Calendar to internal meetings. Every violation is blocked and logged, and agents cannot read or modify their own guardrails. Built-in protections include PII redaction, prompt injection blocking, and unsafe file format filtering, all on by default.

Source: https://www.civic.com/features/guardrails